Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 5 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 1545 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SPF Return-Path oder From Check?

Florian Bartsch

Moin zusammen,

kurze Nachfrage zum Thema SPF.

Aktuell hat uns ein Dienstleister eines Kunden darüber informiert, dass eventuell beim SPF Check nicht die "Return-Path" sondern die "From" Adresse geprüft wird, weshalb die Sophos weitergeleitete Mails fehlerhaft abweist?

 

Der Dienstleister des Kunden nutzt SRS (Sender Rewriting Scheme).

Kann da was dran sein oder sollte die UTM garantiert den "Return-Path" Eintrag verwenden?

 

Danke im Voraus für jede Rückmeldung und Hilfestellung!

LG,

Flo



This thread was automatically locked due to age.
  • 0

    Hallo Flo,

    (Sorry, my German-speaking brain isn't creating thoughts at the moment. [:(])

    I think the Dienstleister may be confused.  The SPF-check is done during the SMTP transaction and is based on the domain name in the MAIL FROM command issued by the sending server.  A long-standing feature request for the UTM has been the ability to separately and additionally check the From field in an email message.  The From field is optional and is sent after the DATA command is issued by the sending server.

    MfG - Bob (Bitte auf Deutsch weiterhin.)

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hey Bob,

    yeah, that confused me, too.

    His argument depends specifically on "When using "SRS" for redirections, than the receiving system should recognise this and check the return-path instead on mailfrom".

    Or does UTM dont support SRS?

    Can you say something about that constellation?

    Thanks again.

     

     

  • 0 in reply to Florian Bartsch

    Flo,

    https://de.wikipedia.org/wiki/Sender_Rewriting_Scheme: Das Sender Rewriting Scheme (kurz SRS) ist eine Methode, um den Absender (genauer: den Envelope Sender) einer E-Mail so umzuschreiben, dass Sender Policy Framework (SPF) auch mit Mail-Umleitung funktioniert. 

    MfG - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0

    SRS should prevent SPF failures.   

    You need the SMTP log from the UTM that blocked the message, and from the system that forwarded the message.   Also check the non-delivery report received by the user that sent the message.   

    • One possibility is that the forwarding system has a problem in its SPF record.   
    • Another possiblity is that UTM rejected the message for another reason, and an SPF failure was assumed.
    • A third possiblity is that SRS was not applied to the message when it was forwarded.
    • A bug in UTM seems the least likely, as I expect it would have been discussed in this forum.
  • 0 in reply to BAlfson

    Moin Bob,

    nimm's mit nicht übel aber Google benutzen kann ich selbst und hab ich auch zu genüge getan.

    Das hilft leider nicht, um meine Fragestellung zu beantworten.

     

    @Douglas: Thank you. That informations are enough for now to answer my question about the functionality of SRS with a UTM. I dont think that there is a bug at this point because there are too less discussions for that theme.

     

    LG,

    Flo

Unfiltered HTML